GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,816

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,082 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. Moderate Unreviewed

CVE-2010-4817 was published Apr 21, 2022

rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink... High Unreviewed

CVE-2010-2064 was published Apr 21, 2022

The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via... Moderate Unreviewed

CVE-2010-0398 was published Apr 21, 2022

alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a... Low Unreviewed

CVE-2009-0035 was published Apr 21, 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed

CVE-2022-20720 was published Apr 16, 2022

A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low... High Unreviewed

CVE-2022-1256 was published Apr 15, 2022

In mobile_log_d, there is a possible symbolic link following due to an improper link resolution.... Moderate Unreviewed

CVE-2022-20068 was published Apr 12, 2022

VMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation as a user... High Unreviewed

CVE-2022-22962 was published Apr 12, 2022

A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to... High Unreviewed

CVE-2022-27883 was published Apr 10, 2022

The combination of primitives offered by SMB and AFP in their default configuration allows the... Critical Unreviewed

CVE-2022-22995 was published Mar 27, 2022

Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any... High Unreviewed

CVE-2022-26659 was published Mar 26, 2022

An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed

CVE-2022-22585 was published Mar 19, 2022

In connsyslogger, there is a possible symbolic link following due to improper link resolution.... Moderate Unreviewed

CVE-2022-20050 was published Mar 11, 2022

ROG Live Service’s function for deleting temp files created by installation has an improper link... High Unreviewed

CVE-2022-22262 was published Mar 2, 2022

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend... High Unreviewed

CVE-2022-24680 was published Feb 25, 2022

A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150... High Unreviewed

CVE-2022-24671 was published Feb 25, 2022

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend... High Unreviewed

CVE-2022-24679 was published Feb 25, 2022

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink... Moderate Unreviewed

CVE-2021-44141 was published Feb 22, 2022

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker... High Unreviewed

CVE-2021-44730 was published Feb 19, 2022

An improper link resolution before file access ('link following') vulnerability exists in the... High Unreviewed

CVE-2022-0017 was published Feb 11, 2022

This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a... High Unreviewed

CVE-2021-23521 was published Feb 8, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman... High Unreviewed

CVE-2022-21944 was published Jan 27, 2022

An improper link resolution before file access vulnerability exists in the Palo Alto Networks... High Unreviewed

CVE-2022-0012 was published Jan 13, 2022

Windows Cleanup Manager Elevation of Privilege Vulnerability. Moderate Unreviewed

CVE-2022-21838 was published Jan 12, 2022

Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed

CVE-2022-21895 was published Jan 12, 2022

Previous 1…4344 Next

Previous 1 2 … 40 41 42 43 44 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,082 advisories